Settings API - Runtime Vulnerability Analytics- Monitoring rules for code-level vulnerabilities schema table
Vulnerability Analytics: Monitoring rules for code-level vulnerabilities (builtin:appsec.code-level-vulnerability-rule-settings)
Global code-level vulnerability detection control defines the default for all process groups. Define custom monitoring rules here to override the default. Note that the monitoring rules are ordered; first matching rule will be applied.
| Schema ID | Schema groups | Scope |
|---|---|---|
builtin:appsec.code-level-vulnerability-rule-settings |
| environment |
Parameters
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| enabled | Enabled | boolean | - | required |
| criteria | Step 1: Define criteria | Criteria | - | required |
| vulnerabilityDetectionControl | Step 2: Define code-level vulnerability detection control for chosen criteria | VulnerabilityDetectionControl | - | required |
| metadata | Step 3: Leave comment (optional) | Metadata | - | required |
Request body objects
The Criteria object
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| processGroup | Process group | text | - | optional |
The VulnerabilityDetectionControl object
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| monitoringMode | Code-level vulnerability control | enum | - | required |
The Metadata object
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| comment | Comment | text | - | required |